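/// <summary>
/// Authenticates a user and returns a token for subsequent requests.
/// </summary>
/// <param name="dto">Login request body (username + password; the signup DTO is reused here).</param>
/// <returns>
/// 200 OK with an <see cref="AuthenticatedUser"/> (username + token), or 400 Bad Request for every
/// failure (missing/invalid body, unknown user, wrong password).
/// </returns>
public ActionResult Login([FromBody] SignupUserDto dto)
{
    // Null guard: a missing body would otherwise reach isValidUserCredential and throw
    // a NullReferenceException (500) instead of the intended 400.
    if (dto is null || !isValidUserCredential(dto))
    {
        return BadRequest();
    }

    // Every failure path returns the same status with no body, so the response itself does not
    // reveal whether the username exists. Timing still differs (an unknown user skips the hash),
    // which is a weaker signal; rate limiting on this action is the usual mitigation.
    var user = _service.GetAppUser(dto.Username);
    if (user == null || IsInvalidPassword(dto, user))
    {
        return BadRequest();
    }

    var result = new AuthenticatedUser
    {
        Username = user.Username,
        Token = GenerateToken(user),
    };

    return Ok(result);
}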
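/// <summary>
/// Syntactic validation of signup/login credentials: both fields present, minimum lengths met
/// (username at least 2, password at least 6) and only ASCII letters and digits in each.
/// </summary>
/// <param name="dto">Request body; <c>null</c> is treated as invalid rather than throwing.</param>
/// <returns><c>true</c> when every check passes; otherwise <c>false</c>.</returns>
/// <remarks>
/// Name kept in camelCase because callers depend on it; PascalCase would be the idiomatic choice.
/// The stray debug <c>Console.WriteLine</c> on the reject path was removed: validation code must not
/// write to stdout.
/// </remarks>
private bool isValidUserCredential(SignupUserDto dto)
{
    if (dto is null)
    {
        return false;
    }

    if (string.IsNullOrEmpty(dto.Username) || string.IsNullOrEmpty(dto.Password))
    {
        return false;
    }

    if (dto.Username.Length < 2 || dto.Password.Length < 6)
    {
        return false;
    }

    // Reject any character outside ASCII alphanumerics. Two deliberate tightenings versus the old
    // pattern: [0-9] instead of \d, because .NET's \d also matches non-ASCII decimal digits (Unicode
    // category Nd); and no RegexOptions.IgnoreCase, because the class already lists both cases and
    // culture-aware case folding could otherwise let a few non-ASCII letters through.
    // NOTE(review): limiting *passwords* to alphanumerics lowers their entropy and blocks values from
    // password managers; consider relaxing the password rule while keeping the username rule.
    const string invalidCharacter = @"[^a-zA-Z0-9]";
    if (Regex.IsMatch(dto.Username, invalidCharacter) || Regex.IsMatch(dto.Password, invalidCharacter))
    {
        return false;
    }

    return true;
}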
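/// <summary>
/// Registers a new user: validates the credentials, rejects a username that is already taken,
/// then stores a salted hash of the password (never the password itself).
/// </summary>
/// <param name="dto">Signup request body.</param>
/// <returns>
/// 201 Created carrying the username, or 400 Bad Request when the body is missing/invalid or the
/// username already exists.
/// </returns>
/// <exception cref="ArgumentException">
/// The <c>Auth:PwdSize</c> setting is missing, not an integer, or not positive. This is a
/// deployment error, not a client error, so it is not mapped to a 4xx response.
/// </exception>
public ActionResult CreateUser([FromBody] SignupUserDto dto)
{
    // Null guard so a missing body yields 400 instead of a NullReferenceException (500).
    if (dto is null || !isValidUserCredential(dto))
    {
        return BadRequest();
    }

    // NOTE(review): this reveals whether a username is registered. On a signup endpoint that is
    // generally unavoidable; rate-limit the action rather than try to hide it.
    if (_service.GetAppUser(dto.Username) != null)
    {
        return BadRequest();
    }

    // The original discarded TryParse's result and only caught size == 0, so a non-numeric or
    // negative setting slipped through to GenerateSalt/HashPassword. The exception type is kept
    // so existing handlers see the same error; only the message is new.
    var configuredSize = _configuration.GetSection("Auth:PwdSize").Value;
    if (!int.TryParse(configuredSize, out var size) || size <= 0)
    {
        throw new ArgumentException("Auth:PwdSize must be a positive integer.");
    }

    var salt = PasswordService.GenerateSalt(size);
    var pwd = PasswordService.HashPassword(dto.Password, salt, size);
    _service.CreateUser(dto.Username, pwd, salt);

    // Route name is null; the username is passed as the response value (presumably the 2-argument
    // (routeName, value) overload — confirm the intended Location header is produced).
    return CreatedAtRoute(null, dto.Username);
}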
/// <summary>
/// Signing up with a username that is already registered must be answered with 400 Bad Request.
/// </summary>
/// <remarks>
/// Relies on the fixture's <c>UserName</c>/<c>UserPassword</c> already existing on the server
/// (presumably created by shared setup — confirm against the fixture).
/// </remarks>
public void User_Signup_Bad_Request_AlreadySignedUp()
{
    // Arrange
    var existingUser = new SignupUserDto
    {
        Username = UserName,
        Password = UserPassword,
    };

    // Act: third argument (presumably an auth token) is intentionally empty — signup is anonymous.
    var (_, statusCode) = PostData(AuthenticateUserUrl + "/users", existingUser, string.Empty);

    // Assert
    Assert.Equal(HttpStatusCode.BadRequest, statusCode);
}
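/// <summary>
/// Re-hashes the submitted password with the stored user's salt and compares it with the stored hash.
/// </summary>
/// <param name="dto">Login request body; only <c>Password</c> is read.</param>
/// <param name="user">Stored account supplying <c>Salt</c> and <c>Password</c> (the stored hash).</param>
/// <returns>
/// <c>true</c> when the password does NOT match or cannot be checked (missing input, bad
/// configuration); <c>false</c> when it matches.
/// </returns>
private bool IsInvalidPassword(SignupUserDto dto, AppUser user)
{
    if (dto is null || user is null)
    {
        return true;
    }

    // Fail closed: if Auth:PwdSize is missing or not positive the hash cannot be recomputed the way
    // CreateUser produced it (CreateUser throws on a zero size), so treat the password as invalid
    // rather than hashing with size 0. The original discarded TryParse's result.
    if (!int.TryParse(_configuration.GetSection("Auth:PwdSize").Value, out var size) || size <= 0)
    {
        return true;
    }

    var computed = PasswordService.HashPassword(dto.Password, user.Salt, size);
    var stored = user.Password;
    if (computed is null || stored is null)
    {
        return true;
    }

    // Fixed-time comparison so the time taken does not depend on how many leading characters of the
    // hash agree (CWE-208); the original `!=` short-circuits at the first difference.
    // Assumes both hashes are strings — TODO confirm against PasswordService.HashPassword.
    // CryptographicOperations requires .NET Core 2.1+ / .NET Standard 2.1.
    var computedBytes = System.Text.Encoding.UTF8.GetBytes(computed);
    var storedBytes = System.Text.Encoding.UTF8.GetBytes(stored);
    return !System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(computedBytes, storedBytes);
}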